Ruby

dhi.io/ruby

Ruby 3.3.x (dev)

CIS
linux/amd64
debian 13
Tags:

3.3-debian-dev, 3.3-debian13-dev, 3.3-dev, 3.3.11-debian-dev, 3.3.11-debian13-dev, 3.3.11-dev

Index digest:

sha256:ed363a98c8068c68abb89d3975e7b2d3e1b7ccc815a51771493028fbc4a02e5c

Manifest digest:

sha256:0979e925961e7e0c4d67b5be09d066c23563583e42ed76932fcd8c070c94da3b

Size

154.30 MB

Last pushed

1 day ago

Vulnerabilities

1
2
3
18
22

Support

Active until Mar 2027

Overview

Docker Hardened Images include comprehensive security attestations that verify the image's build process, contents, and security posture. This image is built using SLSA Build Level 3 practices. Additionally, this image includes a source attestation that links to a corresponding source image containing all build materials. The following attestations are available and can be verified using cosign.

Docker's DHI public key is available at https://registry.scout.docker.com/keyring/dhi/latest.pub and also archived at https://github.com/docker-hardened-images/keyring.

How to verify attestations

1. List all available attestations

docker scout attest list dhi.io/ruby:3.3-debian-dev

2. Verify a specific attestation

For example, to verify the SLSA provenance attestation:

docker scout attest get dhi.io/ruby:3.3-debian-dev --predicate-type https://slsa.dev/provenance/v0.2 --verify

Attestations

All attestations are signed and can be verified with cosign.

PredicatePredicate typeReference
CycloneDX SBOM v1.6https://cyclonedx.org/bom/v1.6dhi.io/ruby@sha256:8f5b643a6c2852bd2863e765b4f7798614b18199f8c8d7551f7925761f1a2a15
Changelog v0.1https://docker.com/dhi/changelog/v0.1dhi.io/ruby@sha256:71cc035c25340e9565b3b940a3e58ec8fee7e5c7e0682bdeb2c0ad3c6cc03c13
DHI Image Sources v0.1https://docker.com/dhi/source/v0.1dhi.io/ruby@sha256:cda2421f0d9dc8cf30524c4b7a12e69a2f3b9b563b2e3b1b862c373239508783
CVEs v0.2https://in-toto.io/attestation/vulns/v0.2dhi.io/ruby@sha256:c9a86c5690710db64520cd9af70d20b041ff57bcc7cce2f379c93dfb0bdc837d
VEX v0.2.0https://openvex.dev/ns/v0.2.0dhi.io/ruby@sha256:b26f81431bf11ee2cfa13fc3f87352f5bd46ae727dd9c1d200fa5087cbebad29
Scout provenance v0.1https://scout.docker.com/provenance/v0.1dhi.io/ruby@sha256:ea052e903cfc6a63608d3954edbc1ee2cec58038cffeb6237a29ea44336383f5
Scout SBOM v0.1https://scout.docker.com/sbom/v0.1dhi.io/ruby@sha256:b8b3c03b053df9eeb256e77de343d364c448b1aea7f8ee294597417b03287918
Secrets scan v0.1https://scout.docker.com/secrets/v0.1dhi.io/ruby@sha256:3c8066a5a0528ad1e1719a0e78a82c3f298de695cacc56ad55a9cbf418065a9f
Tests v0.1https://scout.docker.com/tests/v0.1dhi.io/ruby@sha256:957a918c130dd5790bb250bf176656968260cf797ecaf037310c29cd51a54f4a
Virus scan v0.1https://scout.docker.com/virus/v0.1dhi.io/ruby@sha256:5e8024ea2f80177e6f326df00596e57e2776a3200417221972ae5be5de737749
CVEs v0.1https://scout.docker.com/vulnerabilities/v0.1dhi.io/ruby@sha256:242334cc44ed98e37c2eca34d42e7fb7ee5a8ba11375bdf18a150258717ca1d8
SLSA provenance v0.2https://slsa.dev/provenance/v0.2dhi.io/ruby@sha256:b927db4830032e6f2dedc36c7735c5ac28b0df362846430bf3480539f90dc689
SLSA provenance v1https://slsa.dev/provenance/v1dhi.io/ruby@sha256:fc47ba01d270349e7e8be9d5aaca7eef83e4b9d73bf92ae8f51c273ac6deaaeb
SLSA verification summary v1https://slsa.dev/verification_summary/v1dhi.io/ruby@sha256:ebe2d947c2a117fc813452f37653a6e028470bfd64fa775c607343ce9efad5c5
SPDX SBOMhttps://spdx.dev/Documentdhi.io/ruby@sha256:02b4471505f9ffd1e623df53f0f8798915be10ef423c4eaa8cd9b9905e3be3ce